我被困在防火墙后面,所以必须使用HTTPS访问我的GitHub存储库。我在Windows XP上使用cygwin 1.7.7。

我试过把遥控器设置为https://username@github.com/username/ExcelANT.git,但按下输入密码的提示,但输入后没有任何反应。 https://username:<密码>github.com/username/ExcelANT.git和克隆空回购从零开始,但每次它给我同样的错误

错误:SSL证书有问题,请检查CA证书是否正确。细节: SSL例程:SSL3_GET_SERVER_CERTIFICATE:访问https://github.com/username/ExcelANT.git/info/refs时证书验证失败

打开GIT_CURL_VERBOSE=1会给我

* About to connect() to github.com port 443 (#0) * Trying 207.97.227.239... * successfully set certificate verify locations: * CAfile: none CApath: /usr/ssl/certs * SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed * Expire cleared * Closing connection #0 * About to connect() to github.com port 443 (#0) * Trying 207.97.227.239... * successfully set certificate verify locations: * CAfile: none CApath: /usr/ssl/certs * SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed * Expire cleared * Closing connection #0 error: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed while accessing https://github.com/username/ExcelANT.git/info/refs

fatal: HTTP request failed

这是我的防火墙有问题吗,cygwin还是什么?

我没有在Git配置中设置HTTP代理,但是它是一个ISA服务器,需要NTLM身份验证,不是基本的,所以除非有人知道如何强制Git使用NTLM,否则我就完了。


当前回答

从Github生成访问令牌并保存它,因为它不会再次出现。

git -c http.sslVerify=false clone https://<username>:<token>@github.com/repo.git

or,

git config --global http.sslVerify false
git clone https://github.com/repo.git

其他回答

对于那些使用Msys/MinGW GIT的用户,添加这个

  export GIT_SSL_CAINFO=/mingw32/ssl/certs/ca-bundle.crt 

我在必须管理的协作开发平台上配置Git时遇到了同样的问题。

解决方法:

I've Updated the release of Curl installed on the server. Download the last version on the website Download page of curland follow the installation proceedings Installation proceedings of curl Get back the certificate of the authority which delivers the certificate for the server. Add this certificate to the CAcert file used by curl. On my server it is located in /etc/pki/tls/certs/ca-bundle.crt. Configure git to use this certificate file by editing the .gitconfig file and set the sslcainfo path. sslcainfo= /etc/pki/tls/certs/ca-bundle.crt On the client machine you must get the certificate and configure the .gitconfig file too.

我希望这对你们中的一些人有所帮助。

我知道最初的问题列出了Cygwin,但这是CentOS的解决方案:

curl http://curl.haxx.se/ca/cacert.pem -o /etc/pki/tls/certs/ca-bundle.crt

来源:http://eric.lubow.org/2011/security/fixing-centos-root-certificate-authority-issues/

通过在Windows cmd中暂时禁用GIT/curl ssl验证来改进RouMao的解决方案:

set GIT_SSL_NO_VERIFY=true
git config --global http.proxy http://<your-proxy>:443

这个解决方案的优点是它只在当前cmd窗口中生效。

一个非常简单的解决方案:用git://替换https://

使用git: / /。存储库,而不是https://the.repository,将工作。

我有这个问题在Windows与TortoiseGit和这解决了它。